A10 Networks has announced a new report with IDG Connect, “DDoS: A Clear and Ever Present Danger.” The report, which surveyed 120 IT decision makers at large organisations, finds businesses locked in combat with a growing army of online attackers. It finds that the average company suffers 15 DDoS attacks per year, with average attacks causing 17 hours of effective downtime, including slowdowns, denied customer access or crashes.
As DDoS attacks become more popular, they are also growing harder to defend. While the average peak bandwidth of attacks was a staggering 30-40 gigabits per second (Gbps), 59% organisations have experienced an attack over 40 Gbps. A majority of respondents (77%) also expect sophisticated multi-vector attacks to pose the most dangerous type of DDoS attack in the future.
Businesses are fighting back. More than half of the surveyed organisations said they planned to increase their DDoS prevention budgets in the next six months. IT security teams are the most likely to lead DDoS prevention efforts (36%), followed closely by the chief security officers (26%) and the CIO (26%).
“DDoS attacks are called ‘sudden death’ for good reason,” said Raj Jalan, CTO of A10 Networks. “If left unaddressed, the costs will include lost business, time-to-service restoration and a decline in customer satisfaction. The good news is our findings show that security teams are making DDoS prevention a top priority. With a better threat prevention system, they can turn an urgent business threat into an FYI-level notification.”
Key report findings include:
- The typical company was hit by an average of 15 DDoS attacks per year, with larger organisations experiencing more.
- One in five companies reported effective downtimes of over 36 hours, with the average attack resulting 17 hours.
- One-third of respondents reported DDoS attacks over 40 Gbps, with the most common attacks including UDP Flood (23%), Slow Post/Slowloris (16%) and SYN Flood (14%).
- Roughly three-fourth (77%) believe multi-vector attacks, which include volumetric and application layer attacks, will be the most dangerous in the future.
- Over half of the respondents plan to increase their DDoS budgets in the next six months (54%).
- Over half (53%) of respondents say that on-premise protection is required to be the most effective solution to address a multi-vector DDoS threat, either “hybrid” protection (34%), or an on premise appliance only solution (19%).
- To learn more about DDoS attacks and their effect on businesses, read the A10 Networks report here: DDoS: A Clear and Ever Present Danger.